Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/twitter-bootstrap4@0?distro=trixie
Type deb
Namespace debian
Name twitter-bootstrap4
Version 0
Qualifiers
distro trixie
Subpath
Is_vulnerable false
Next_non_vulnerable_version 4.3.1+dfsg2-1
Latest_non_vulnerable_version 4.6.2+dfsg-2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-5v1f-dupg-y7bc
vulnerability_id VCID-5v1f-dupg-y7bc
summary
Bootstrap Cross-Site Scripting (XSS) vulnerability for data-* attributes
A security vulnerability has been discovered in bootstrap that could enable Cross-Site Scripting (XSS) attacks. The vulnerability is associated with the data-loading-text attribute within the button plugin. This vulnerability can be exploited by injecting malicious JavaScript code into the attribute, which would then be executed when the button's loading state is triggered.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6485.json
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6485.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-6485
reference_id
reference_type
scores
0
value 0.00135
scoring_system epss
scoring_elements 0.33195
published_at 2026-04-18T12:55:00Z
1
value 0.00135
scoring_system epss
scoring_elements 0.33217
published_at 2026-04-16T12:55:00Z
2
value 0.00135
scoring_system epss
scoring_elements 0.33176
published_at 2026-04-13T12:55:00Z
3
value 0.00135
scoring_system epss
scoring_elements 0.332
published_at 2026-04-12T12:55:00Z
4
value 0.00135
scoring_system epss
scoring_elements 0.3324
published_at 2026-04-11T12:55:00Z
5
value 0.00139
scoring_system epss
scoring_elements 0.3397
published_at 2026-04-21T12:55:00Z
6
value 0.00139
scoring_system epss
scoring_elements 0.34084
published_at 2026-04-02T12:55:00Z
7
value 0.00139
scoring_system epss
scoring_elements 0.34115
published_at 2026-04-04T12:55:00Z
8
value 0.00139
scoring_system epss
scoring_elements 0.33975
published_at 2026-04-07T12:55:00Z
9
value 0.00139
scoring_system epss
scoring_elements 0.34018
published_at 2026-04-08T12:55:00Z
10
value 0.00139
scoring_system epss
scoring_elements 0.34049
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-6485
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6485
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6485
3
reference_url https://github.com/twbs/bootstrap
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap
4
reference_url https://lists.debian.org/debian-lts-announce/2025/04/msg00020.html
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/04/msg00020.html
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-6485
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-6485
6
reference_url https://www.herodevs.com/vulnerability-directory/cve-2024-6485
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-11T18:49:37Z/
url https://www.herodevs.com/vulnerability-directory/cve-2024-6485
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1084060
reference_id 1084060
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1084060
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2297388
reference_id 2297388
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2297388
9
reference_url https://github.com/advisories/GHSA-vxmc-5x29-h64v
reference_id GHSA-vxmc-5x29-h64v
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vxmc-5x29-h64v
10
reference_url https://usn.ubuntu.com/7556-1/
reference_id USN-7556-1
reference_type
scores
url https://usn.ubuntu.com/7556-1/
fixed_packages
0
url pkg:deb/debian/twitter-bootstrap4@0?distro=trixie
purl pkg:deb/debian/twitter-bootstrap4@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/twitter-bootstrap4@0%3Fdistro=trixie
1
url pkg:deb/debian/twitter-bootstrap4@4.5.2%2Bdfsg1-8~deb11u1?distro=trixie
purl pkg:deb/debian/twitter-bootstrap4@4.5.2%2Bdfsg1-8~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/twitter-bootstrap4@4.5.2%252Bdfsg1-8~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/twitter-bootstrap4@4.6.1%2Bdfsg1-4%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/twitter-bootstrap4@4.6.1%2Bdfsg1-4%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/twitter-bootstrap4@4.6.1%252Bdfsg1-4%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/twitter-bootstrap4@4.6.2%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/twitter-bootstrap4@4.6.2%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/twitter-bootstrap4@4.6.2%252Bdfsg-1%3Fdistro=trixie
4
url pkg:deb/debian/twitter-bootstrap4@4.6.2%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/twitter-bootstrap4@4.6.2%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/twitter-bootstrap4@4.6.2%252Bdfsg-2%3Fdistro=trixie
aliases CVE-2024-6485, GHSA-vxmc-5x29-h64v
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5v1f-dupg-y7bc
1
url VCID-eh2s-9hss-yken
vulnerability_id VCID-eh2s-9hss-yken
summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
In Bootstrap, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
references
0
reference_url https://access.redhat.com/errata/RHBA-2019:1076
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHBA-2019:1076
1
reference_url https://access.redhat.com/errata/RHBA-2019:1570
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHBA-2019:1570
2
reference_url https://access.redhat.com/errata/RHSA-2019:1456
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:1456
3
reference_url https://access.redhat.com/errata/RHSA-2019:3023
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3023
4
reference_url https://access.redhat.com/errata/RHSA-2020:0132
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0132
5
reference_url https://access.redhat.com/errata/RHSA-2020:0133
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0133
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10735.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10735.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-10735
reference_id
reference_type
scores
0
value 0.06043
scoring_system epss
scoring_elements 0.90728
published_at 2026-04-09T12:55:00Z
1
value 0.06043
scoring_system epss
scoring_elements 0.90722
published_at 2026-04-08T12:55:00Z
2
value 0.06043
scoring_system epss
scoring_elements 0.90711
published_at 2026-04-07T12:55:00Z
3
value 0.06043
scoring_system epss
scoring_elements 0.90702
published_at 2026-04-04T12:55:00Z
4
value 0.06043
scoring_system epss
scoring_elements 0.90692
published_at 2026-04-02T12:55:00Z
5
value 0.06043
scoring_system epss
scoring_elements 0.90686
published_at 2026-04-01T12:55:00Z
6
value 0.06043
scoring_system epss
scoring_elements 0.90737
published_at 2026-04-11T12:55:00Z
7
value 0.06584
scoring_system epss
scoring_elements 0.91184
published_at 2026-04-21T12:55:00Z
8
value 0.06584
scoring_system epss
scoring_elements 0.91157
published_at 2026-04-12T12:55:00Z
9
value 0.06584
scoring_system epss
scoring_elements 0.91156
published_at 2026-04-13T12:55:00Z
10
value 0.06584
scoring_system epss
scoring_elements 0.91181
published_at 2026-04-18T12:55:00Z
11
value 0.06702
scoring_system epss
scoring_elements 0.91273
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-10735
8
reference_url https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2
9
reference_url https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements
url https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/
10
reference_url https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0
11
reference_url https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements
url https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10735
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10735
13
reference_url https://github.com/github/advisory-database/pull/3281
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/github/advisory-database/pull/3281
14
reference_url https://github.com/twbs/bootstrap
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap
15
reference_url https://github.com/twbs/bootstrap/issues/20184
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap/issues/20184
16
reference_url https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906
17
reference_url https://github.com/twbs/bootstrap/pull/23679
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap/pull/23679
18
reference_url https://github.com/twbs/bootstrap/pull/23687
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap/pull/23687
19
reference_url https://github.com/twbs/bootstrap/pull/26460
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap/pull/26460
20
reference_url https://www.tenable.com/security/tns-2021-14
reference_id
reference_type
scores
url https://www.tenable.com/security/tns-2021-14
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1668097
reference_id 1668097
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1668097
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*
reference_id cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-10735
reference_id CVE-2016-10735
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-10735
25
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2016-10735.yml
reference_id CVE-2016-10735.YML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2016-10735.yml
26
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap-sass/CVE-2016-10735.yml
reference_id CVE-2016-10735.YML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap-sass/CVE-2016-10735.yml
27
reference_url https://github.com/advisories/GHSA-4p24-vmcr-4gqj
reference_id GHSA-4p24-vmcr-4gqj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4p24-vmcr-4gqj
28
reference_url https://access.redhat.com/errata/RHSA-2020:3936
reference_id RHSA-2020:3936
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3936
29
reference_url https://access.redhat.com/errata/RHSA-2020:4670
reference_id RHSA-2020:4670
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4670
30
reference_url https://access.redhat.com/errata/RHSA-2020:4847
reference_id RHSA-2020:4847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4847
31
reference_url https://access.redhat.com/errata/RHSA-2020:5571
reference_id RHSA-2020:5571
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5571
32
reference_url https://access.redhat.com/errata/RHSA-2023:0552
reference_id RHSA-2023:0552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0552
33
reference_url https://access.redhat.com/errata/RHSA-2023:0553
reference_id RHSA-2023:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0553
34
reference_url https://access.redhat.com/errata/RHSA-2023:0554
reference_id RHSA-2023:0554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0554
35
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
fixed_packages
0
url pkg:deb/debian/twitter-bootstrap4@0?distro=trixie
purl pkg:deb/debian/twitter-bootstrap4@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/twitter-bootstrap4@0%3Fdistro=trixie
1
url pkg:deb/debian/twitter-bootstrap4@4.5.2%2Bdfsg1-8~deb11u1?distro=trixie
purl pkg:deb/debian/twitter-bootstrap4@4.5.2%2Bdfsg1-8~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/twitter-bootstrap4@4.5.2%252Bdfsg1-8~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/twitter-bootstrap4@4.6.1%2Bdfsg1-4%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/twitter-bootstrap4@4.6.1%2Bdfsg1-4%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/twitter-bootstrap4@4.6.1%252Bdfsg1-4%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/twitter-bootstrap4@4.6.2%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/twitter-bootstrap4@4.6.2%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/twitter-bootstrap4@4.6.2%252Bdfsg-1%3Fdistro=trixie
4
url pkg:deb/debian/twitter-bootstrap4@4.6.2%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/twitter-bootstrap4@4.6.2%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/twitter-bootstrap4@4.6.2%252Bdfsg-2%3Fdistro=trixie
aliases CVE-2016-10735, GHSA-4p24-vmcr-4gqj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eh2s-9hss-yken
2
url VCID-m8sd-c588-mqbr
vulnerability_id VCID-m8sd-c588-mqbr
summary
Bootstrap Vulnerable to Cross-Site Scripting in its Popover and Tooltip Components
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Bootstrap allows Cross-Site Scripting (XSS). This issue affects Bootstrap version 3.4.1. At time of publication, there is no publicly available patched version.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1647.json
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1647.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-1647
reference_id
reference_type
scores
0
value 0.00296
scoring_system epss
scoring_elements 0.5297
published_at 2026-04-21T12:55:00Z
1
value 0.00296
scoring_system epss
scoring_elements 0.52886
published_at 2026-04-02T12:55:00Z
2
value 0.00296
scoring_system epss
scoring_elements 0.52911
published_at 2026-04-04T12:55:00Z
3
value 0.00296
scoring_system epss
scoring_elements 0.5288
published_at 2026-04-07T12:55:00Z
4
value 0.00296
scoring_system epss
scoring_elements 0.52931
published_at 2026-04-08T12:55:00Z
5
value 0.00296
scoring_system epss
scoring_elements 0.52924
published_at 2026-04-09T12:55:00Z
6
value 0.00296
scoring_system epss
scoring_elements 0.52974
published_at 2026-04-11T12:55:00Z
7
value 0.00296
scoring_system epss
scoring_elements 0.52958
published_at 2026-04-12T12:55:00Z
8
value 0.00296
scoring_system epss
scoring_elements 0.52942
published_at 2026-04-13T12:55:00Z
9
value 0.00296
scoring_system epss
scoring_elements 0.52979
published_at 2026-04-16T12:55:00Z
10
value 0.00296
scoring_system epss
scoring_elements 0.52986
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-1647
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1647
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1647
3
reference_url https://github.com/twbs/bootstrap
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap
4
reference_url https://lists.debian.org/debian-lts-announce/2025/06/msg00001.html
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/06/msg00001.html
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-1647
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-1647
6
reference_url https://www.herodevs.com/vulnerability-directory/cve-2025-1647
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T20:03:33Z/
url https://www.herodevs.com/vulnerability-directory/cve-2025-1647
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105899
reference_id 1105899
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105899
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2366608
reference_id 2366608
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2366608
9
reference_url https://github.com/advisories/GHSA-q58r-hwc8-rm9j
reference_id GHSA-q58r-hwc8-rm9j
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q58r-hwc8-rm9j
fixed_packages
0
url pkg:deb/debian/twitter-bootstrap4@0?distro=trixie
purl pkg:deb/debian/twitter-bootstrap4@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/twitter-bootstrap4@0%3Fdistro=trixie
1
url pkg:deb/debian/twitter-bootstrap4@4.5.2%2Bdfsg1-8~deb11u1?distro=trixie
purl pkg:deb/debian/twitter-bootstrap4@4.5.2%2Bdfsg1-8~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/twitter-bootstrap4@4.5.2%252Bdfsg1-8~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/twitter-bootstrap4@4.6.1%2Bdfsg1-4%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/twitter-bootstrap4@4.6.1%2Bdfsg1-4%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/twitter-bootstrap4@4.6.1%252Bdfsg1-4%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/twitter-bootstrap4@4.6.2%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/twitter-bootstrap4@4.6.2%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/twitter-bootstrap4@4.6.2%252Bdfsg-1%3Fdistro=trixie
4
url pkg:deb/debian/twitter-bootstrap4@4.6.2%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/twitter-bootstrap4@4.6.2%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/twitter-bootstrap4@4.6.2%252Bdfsg-2%3Fdistro=trixie
aliases CVE-2025-1647, GHSA-q58r-hwc8-rm9j
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m8sd-c588-mqbr
Risk_score null
Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/twitter-bootstrap4@0%3Fdistro=trixie